All information received by or available to SAV Advisory staff, sub-contractors, or committee members, in any format, during audit activities, other certification
activities, or any dealings with an organization for any reason, shall be considered strictly confidential. This information shall not be disclosed to any third party (unless specified in ISO/IEC 17021-1:2015) without the express permission of the concerned organization or individual. This confidentiality requirement also extends to any organization with a legitimate right to audit or evaluate SAV Advisory.
Where SAV Advisory is required by law to release confidential information to a third party, the client or individual concerned shall, unless regulated by law, be notified in advance of the information provided.
However, where the organization is seen to be operating contrary to legal requirements or has operating practices which pose a danger to staff, customers, or the environment, SAV Advisory reserves the right to immediately report any such incident to the relevant authority. Any such reporting will only be undertaken with the permission of top management.
All records at SAV Advisory will be retained in a secure manner, only accessible to authorized staff via either paper records or password-controlled electronic records. Sub-contractors will be limited to accessing information produced by them in conducting an Audit. Records will only be made available to organizations that can demonstrate a legitimate (and legal) right to view those records and specifically to Accreditation Bodies.
All staff, Sub-Contractors, CEOs, and Committee Members will be required to agree to SAV Advisory’s confidentiality policy and sign a confidentiality agreement. Sub-contractors will also sign an agreement that also contains the responsibility to maintain confidentiality.
SAV Advisory Inc. is the legal entity responsible for certification activities; reference to SAV Advisory in this Policy and Public Statement refers to these legal entities.
SAV Advisory, its managers, Staff, and Subcontractors fully understand the importance of impartiality in undertaking its Certification Activities. SAV Advisory will therefore ensure that in all its dealings with clients or potential clients, all employees or other personnel are and will remain impartial. To ensure that impartiality is both maintained and can be demonstrated, the following principles have been established.
SAV Advisory Certificates are only issued following a review by an independent, authorized, and competent member of the management team (who has not been involved in the Audit) to ensure that no interest shall predominate. SAV Advisory generally does not offer (and has never offered) consultancy or any other form of consultancy to companies or individuals. Prior to such services, an assessment of conflicts of interest is performed and approved by the CEO.
SAV Advisory does not offer (and has never offered) an internal audit service to its certified clients.
SAV Advisory does not own or have any interest (financial or otherwise) in any other company that offers certification services.
SAV Advisory does not have (and will not form) any relationships with companies that offer consultancy or other services that can be construed as having an impact on the certification services provided by the company. Any proposed relationship between the company and any other company will undergo a risk assessment by the Committee for Impartiality before that relationship is formalized. Any current relationships with companies, organizations, and individuals will be risk assessed regularly to ensure that the relationship does not impact the impartiality of the certification process.
Individuals employed by or otherwise contracted to SAV Advisory are required to document and record their current and past relationships with all companies. Any situation, past or present, which may present a potential conflict of interest is required by SAV Advisory to be declared. SAV Advisory will use the information to identify any threats to impartiality and will not use that individual in any capacity unless they can demonstrate that there is no conflict of interest.
SAV Advisory will not assign a staff member or subcontractor to an audit if a past relationship with the organization has existed. However, at the discretion of
the Technical Manager or Directors, an individual or subcontractor may be assigned to an audit if there was a past relationship, provided that there has been no relationship for at least 2 years.
SAV Advisory does not and will not offer any commission, (‘finder’s fees’ or other inducements) to any individual or company in respect of referrals of clients unless:
SAV Advisory does not offer specific training to any company in respect of implementing a particular standard for that company. Any training offered by SAV Advisory is general in nature and available to all companies or individuals who wish to attend.
SAV Advisory will ensure that it is not linked or marketed in any way which links it with the activities of a management system consultancy and will take appropriate action should any such link be identified.
Auditors and others involved in the certification process are not and will not be put under any pressure and will not be influenced in any way to come to a particular conclusion regarding the result of an audit.
SAV Advisory’s Impartiality Norms:
To supplement in-house resources, SAV Advisory employs Associate (subcontract) Auditors and sometimes has working relationships with overseas business managers. At no stage does SAV Advisory outsource its audits to consultancy organizations, outsource its certification decisions, or link its marketing activities with consultancy. SAV Advisory retains full control of all decision-making processes regarding granting, maintaining, renewing, extending, reducing, suspending, or withdrawing certification.
SAV Advisory recognizes that the source of revenue for a certification body is the client paying for certification, and that this is a potential threat to impartiality. Therefore, SAV Advisory is a self-financed independent organization, with a number of controls to ensure that impartiality is retained. To obtain and maintain confidence, it is essential that SAV Advisory’s certification decisions are based on objective evidence of conformity or nonconformity, and that any decisions made are not influenced by other interests or by other parties. Certification decisions are made and signed for by a competent Scheme Manager who was not responsible for the Audit and was not a member of the Audit team. SAV Advisory recognizes that threats to impartiality include the following:
SAV Advisory, its Top management, Managers, Staff, and others involved in the Certification of Management System fully understand the importance of impartiality in undertaking its Certification Activities.
The company will therefore ensure that in its dealings with clients or potential clients, all employees or other personnel involved in Certification Activities are, and will remain, impartial.
To ensure that impartiality is both maintained and can be demonstrated, SAV Advisory has identified and risk assessed all relationships which may result in a conflict of interest or pose a threat to impartiality. Based on the assessment, nothing has come to SAV Advisory Inc.’s attention that may require additional mitigation.
By partnering with SAV Advisory, you gain access to a team of experts dedicated to ensuring your business’s cyber health and compliance, allowing you to focus on achieving your business objectives.